Page MenuHome GnuPG
Create Task
Maniphest T7794

gpg pick the wrong username
Closed, ResolvedPublic
Actions

Description

The Kyber768 public key was specified for encryption, but the Kyber768-X25519 public key was actually used for encryption:

root@localhost:~# gpg -k
[keyboxd]
---------
pub   ed25519/0x13AAA77D280BCF7C 2025-08-23 [SC]
      3D22960A7C4CEDD76F57C53513AAA77D280BCF7C
uid                   [ultimate] Kyber768-X25519
sub   ky768_cv25519/0x00E772737C84F0F7 2025-08-23 [E]
      00E772737C84F0F7367AB63665A12E8DA969B70640E7343CB510287019C60462

pub   brainpoolP256r1/0xB108C63C6DBDFA5C 2025-08-23 [SC]
      C9B9E2A2B3C0FE45541A4493B108C63C6DBDFA5C
uid                   [ultimate] Kyber768
sub   ky768_bp256/0x69A0D4BACC9A31BE 2025-08-23 [E]
      69A0D4BACC9A31BE1BCAEF6C67CB8B372D85F9AC5CE3B7DF3240589596206F9E

root@localhost:~# echo 123 | gpg -vvv -a -r Kyber768 -e 
gpg: using character set 'utf-8'
gpg: enabled compatibility flags:
gpg: using subkey 0x00E772737C84F0F7 instead of primary key 0x13AAA77D280BCF7C
gpg: using pgp trust model
gpg: key 0xB108C63C6DBDFA5C: accepted as trusted key
gpg: key 0x5DB951683BEAD937: accepted as trusted key
gpg: key 0x13AAA77D280BCF7C: accepted as trusted key
gpg: key 0x3634E4E4836D23EE: accepted as trusted key
gpg: This key belongs to us
gpg: reading from '[stdin]'
gpg: writing to stdout
gpg: Kyber/AES256.OCB encrypted for: "0x00E772737C84F0F7 Kyber768-X25519"
-----BEGIN PGP MESSAGE-----

hQSaAwDncnN8hPD3CAEA1PYgUwzlGN00gGt7Cpnv6/BbaGqf2gvxwT7LsJWP7REA
...
-----END PGP MESSAGE-----
root@localhost:~# 


root@localhost:~# gpgconf -V
* GnuPG 2.5.11 (11ab27dfd7ca115d42d16453feab3ba781dfcdcd)
GNU/Linux

* Libgcrypt 1.11.2 (737cc636)
version:1.11.2:10b02:1.55:13700:
cc:110400:gcc:11.4.0:
ciphers:arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:sm4:aria:
pubkeys:dsa:elgamal:rsa:ecc:kyber:
digests:crc:gostr3411-94::md4:md5:rmd160:sha1:sha256:sha512:sha3:tiger:whirlpool:stribog:blake2:sm3:
rnd-mod:getentropy:
cpu-arch:x86:amd64:
mpi-asm:amd64/mpih-add1.S:amd64/mpih-sub1.S:amd64/mpih-mul1.S:amd64/mpih-mul2.S:amd64/mpih-mul3.S:amd64/mpih-lshift.S:amd64/mpih-rshift.S:
mpi-powm:fixed-window
hwflist:intel-cpu:intel-fast-shld:intel-bmi2:intel-ssse3:intel-sse4.1:intel-pclmul:intel-aesni:intel-rdrand:intel-avx:intel-avx2:intel-fast-vpgather:intel-rdtsc:
fips-mode:n:::
rng-type:standard:1:3030000:1:
compliance:::

* GpgRT 1.55 (99381397a06564fd8ae1c623c11036a5da099a4f)

* nPth 1.8 (64905e765aad9de6054ef70a97fc30bd992ce999)

* Libassuan 3.0.2 (0f84595a4bc706d3afb969d59618244c7db3b59f)

* KSBA 1.6.7 (b14e68b)

* NTBTLS 0.3.2 (2c38007)

root@localhost:~#

Event Timeline

William created this task.Mon, Aug 25, 8:16 PM
ikloecker added a subscriber: ikloecker.Mon, Aug 25, 8:45 PM

I don't see the problem. The pattern "Kyber768" is ambiguous because it matches the user IDs of both keys. The match is a simple substring match. There's no logic for "exact match" and no heuristic for "better match". If you want to ensure that a specific key is chosen then you must use a unique identifier for the key. Best use the fingerprint.

werner closed this task as Resolved.Tue, Aug 26, 9:41 AM
werner claimed this task.
werner edited projects, added FAQ, gnupg; removed Bug Report.
werner added a subscriber: werner.

You may also specify a mail address in which case gpg tries to find the best matching key. For example the latest key with that mail address. See gnupg/g10/getkey.c:get_best_pubkey_byname